Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 701814 (CVE-2019-19269) - net-ftp/proftpd: NULL pointer dereference when validating the certificate of a client connecting to the server (CVE-2019-19269)
Summary: net-ftp/proftpd: NULL pointer dereference when validating the certificate of ...
Status: IN_PROGRESS
Alias: CVE-2019-19269
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/proftpd/proftpd/is...
Whiteboard: B3 [upstream/ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-02 22:22 UTC by GLSAMaker/CVETool Bot
Modified: 2019-12-02 22:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2019-12-02 22:22:54 UTC
CVE-2019-19269 (https://nvd.nist.gov/vuln/detail/CVE-2019-19269):
  An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A
  dereference of a NULL pointer may occur. This pointer is returned by the
  OpenSSL sk_X509_REVOKED_value() function when encountering an empty CRL
  installed by a system administrator. The dereference occurs when validating
  the certificate of a client connecting to the server in a TLS client/server
  mutual-authentication setup.
Comment 2 Larry the Git Cow gentoo-dev 2019-12-02 22:52:49 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e2c36f1aded32d1feee68284b3823a77a027ff04

commit e2c36f1aded32d1feee68284b3823a77a027ff04
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2019-12-02 22:52:15 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2019-12-02 22:52:42 +0000

    net-ftp/proftpd: CVE-2019-19269 fix, bug #701814
    
    Pick upstream commit be8e1687819cb6 ("Issue #859, #861: Fix handling of
    CRL lookups by properly using issuer for lookups, and guarding against
    null pointers.")
    
    Bug: https://bugs.gentoo.org/701814
    Package-Manager: Portage-2.3.80, Repoman-2.3.19
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 .../files/proftpd-1.3.6b-tls-crl-crash.patch       |  40 +++
 net-ftp/proftpd/proftpd-1.3.6b-r1.ebuild           | 275 +++++++++++++++++++++
 2 files changed, 315 insertions(+)